52c7492e01f004a4904c300a112521b04f400a4f0720728bb81229e303930044 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52c7492e01f004a4904c300a112521b04f400a4f0720728bb81229e303930044
Size

377KB
Sample

221020-tvng7adda3
MD5

9698dd75d5bfe33c591014d6ac65f100
SHA1

9fd57b0d4e5c8af8c5e30c1c47c976b7f462d584
SHA256

52c7492e01f004a4904c300a112521b04f400a4f0720728bb81229e303930044
SHA512

4c829f5c00cf619ca0b6824b1a8aaa0bc15e5e863265339fa52a5dec0cdfc3091c54647d5b3e2234a7ce53b3cb29c2f5fdb60616278c67c302e654a96e71574c
SSDEEP

6144:16OwqYpp93oxB0clrYrwcZDT+d84MLRpx8nNcJa2db/Slsm1VcXGOfzE/8l14:cOoV4/L4bDsU9/8GPdLSl91Vc66u

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  52c7492e01f004a4904c300a112521b04f400a4f0720728bb81229e303930044
- Size
  
  377KB
- MD5
  
  9698dd75d5bfe33c591014d6ac65f100
- SHA1
  
  9fd57b0d4e5c8af8c5e30c1c47c976b7f462d584
- SHA256
  
  52c7492e01f004a4904c300a112521b04f400a4f0720728bb81229e303930044
- SHA512
  
  4c829f5c00cf619ca0b6824b1a8aaa0bc15e5e863265339fa52a5dec0cdfc3091c54647d5b3e2234a7ce53b3cb29c2f5fdb60616278c67c302e654a96e71574c
- SSDEEP
  
  6144:16OwqYpp93oxB0clrYrwcZDT+d84MLRpx8nNcJa2db/Slsm1VcXGOfzE/8l14:cOoV4/L4bDsU9/8GPdLSl91Vc66u
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2